<?php
/* 
 * Amnesia is Copyright (c) 2010 Mark Russell
 * 
 * Contact: info@amnesia-app.com	
 * 
 * This file is part of Amnesia.
 * 
 * Amnesia is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * Amnesia is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with Amnesia. If not, see <http://www.gnu.org/licenses/>.
 *
 */

include '../../db/db.php';

$user_id = mysql_real_escape_string ($_POST[user_id]);
$cat_name = mysql_real_escape_string ($_POST[cat_name]);
$v1 = mysql_real_escape_string ($_POST[v1]);
$v2 = mysql_real_escape_string ($_POST[v2]);
$v3 = mysql_real_escape_string ($_POST[v3]);
$v4 = mysql_real_escape_string ($_POST[v4]);
$v5 = mysql_real_escape_string ($_POST[v5]);
$v6 = mysql_real_escape_string ($_POST[v6]);
$v7 = mysql_real_escape_string ($_POST[v7]);
$v8 = mysql_real_escape_string ($_POST[v8]);
$v9 = mysql_real_escape_string ($_POST[v9]);

// Add date for notes
$date = date("jS M Y, g.ia");

$query = 'INSERT INTO ' . $cat_name . ' ';

switch ($cat_name) {
    case "web":
        $query .= '(' . $cat_name . '_id, user_id, title, username, password, url, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "1")';
		break;
	case "hosted":
        $query .= '(' . $cat_name . '_id, user_id, title, username, password, dns1, dns2, dns3, dns4, ip, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "' . $v6 . '", "' . $v7 . '", "' . $v8 . '", "' . $v9 . '", "1")';
		break;
	case "phone":
        $query .= '(' . $cat_name . '_id, user_id, title, username, password, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "1")';
		break;
	case "license":
        $query .= '(' . $cat_name . '_id, user_id, title, serial, url, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "1")';
		break;
	case "cards":
        $query .= '(cards_id, user_id, title, service, card_no, start, end, cvn, name, pin, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "' . $v6 . '", "' . $v7 . '", "' . $v8 . '", "' . $v9 . '", "1")';
        break;
    case "banking":
        $query .= '(' . $cat_name . '_id, user_id, title, username, password, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "1")';
		break;
	case "email":
        $query .= '(' . $cat_name . '_id, user_id, title, username, password, server, smtp, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "' . $v6 . '", "1")';
		break;
	case "computer_user":
        $query .= '(' . $cat_name . '_id, user_id, title, username, password, platform, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "1")';
		break;
	case "hardware":
        $query .= '(' . $cat_name . '_id, user_id, title, model, serial, location, name, tag, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "' . $v6 . '", "' . $v7 . '", "1")';
		break;
	case "certificates":
        $query .= '(' . $cat_name . '_id, user_id, title, company, url, email, certificate, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $v2 . '", "' . $v3 . '", "' . $v4 . '", "' . $v5 . '", "' . $v6 . '", "1")';
		break;
	case "notes":
        $query .= '(' . $cat_name . '_id, user_id, title, date, updated, notes, live) VALUES ("", "' . $user_id . '", "' . $v1 . '", "' . $date . '", "' . $date . '", "' . $v4 . '", "1")';
		break;
}

if(!($result = @ mysql_query ($query, $con)))
	showerror();

mysql_close($con);
?>